Nadav Golombick wrote:
What is the correct procedure if I come to a situation where the
password length is too big for the given buffer.

If this is a design question, then the proper thing to do IMHO
is akin to what's done for HMAC-MD5 or HMAC-SHA1 -- if the
passphrase exceeds the buffer length,  compute the SHA1
hash of the passphrase and use that as the passphrase.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to